As companies continue to implement mobile health apps, aggregate clinical trial results, and isolate disease through computer modeling, they are also focused on possible risks. Harnessing cloud technology gives rise to a constant concern about keeping sensitive data secure.

Medicine has led the drive for nimble handling and accessibility of information.  Electronic health records and clinical decision support have been widely adopted. Physician order entry facilitates scrutiny of outcomes. Stats can be compared thanks to industry standards for sharing. Devices for patient compliance and fitness provide value by accumulating user information to assess individual results and detect trends. Finally, better processing power can employ sophisticated algorithms to sift hundreds of millions of compounds and billions of DNA base pairs in a quest to discover drug targets.

The opportunities are matched only by some of the legal challenges that cloud computing and data collection could present. Greenberg Traurig attorneys have firsthand knowledge of the questions that have kept pharmaceutical, medical device, and healthcare leaders up at night:

  • How is privacy and intellectual property protected?
  • Are safeguards to prevent data breaches defensible and revisited often enough?
  • Do patients understand and legally consent to what’s going on?
  • What constitutes proper “de-identifying” of personal health information?
  • What can be shared with third-party payers?
  • How does a company track data processed or stored in the cloud and in so doing, comply with varying requirements around the world?
  • What types of records are required for audits, internal controls, and due diligence?
  • Where does regulation fit in?
  • Is it better to outsource using a branded cloud offering, or to deploy a private network of fiber-connected data centers?
  • To which vendors, if any, can responsibility be allocated?
  • What security risks can be mitigated by migrating in-house functions to the cloud?
  •  What are best practices for back up and redundancy?
  •  How can use of new technology better equip a company to manage the threat of product liability?
  • Will a carefully-crafted regime survive a change of control or bankruptcy?

The cloud cannot be built fast enough to accommodate ever-innovative drug discovery and other uses. The industry is beefing up IT departments and deputizing procurement personnel as conduit engineers and traffic cops. But to tap the cloud as an even more secure solution for life sciences applications, companies also keep ahead of evolving legal issues and weigh best practices.